#federal-cybersecurity

[ follow ]
#cisa #vulnerability-management #active-exploitation #government-shutdown #critical-patches #cisa-kev-catalog
#vulnerability-management
fromSecurityWeek
1 day ago
Information security

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks

CISA added three critical vulnerabilities to its Known Exploited Vulnerabilities catalog, requiring federal agencies to patch them within one to two weeks due to active exploitation threats.
fromThe Hacker News
1 day ago
Information security

CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited

CISA added three actively exploited vulnerabilities to its KEV catalog, including critical flaws in SolarWinds Web Help Desk, Omnissa Workspace One UEM, and Ivanti Endpoint Manager, with federal agencies required to patch by mid-to-late March 2026.
Information security
fromThe Hacker News
1 day ago

CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited

CISA added three actively exploited vulnerabilities to its KEV catalog, including critical flaws in SolarWinds Web Help Desk, Omnissa Workspace One UEM, and Ivanti Endpoint Manager, with federal agencies required to patch by mid-to-late March 2026.
more#vulnerability-management
Washington DC
fromNextgov.com
5 days ago

DOD names James "Aaron" Bishop to serve as CISO

James Bishop, former Air Force CISO, appointed as Department of Defense's department-wide CISO and deputy chief information officer for cybersecurity, replacing retiring David McKeown.
#cisa
fromTechCrunch
3 months ago
Information security

CISA warns federal agencies to patch flawed Cisco firewalls amid 'active exploitation' across the US government | TechCrunch

fromTechCrunch
3 months ago
Information security

CISA warns federal agencies to patch flawed Cisco firewalls amid 'active exploitation' across the US government | TechCrunch

more#cisa
fromNextgov.com
1 month ago

OMB reverses Biden-era software attestation order

The White House on Friday rescinded a 2022 order that mandated a single, standardized self-attestation form for federal agencies to obtain cybersecurity assurances from software vendors, arguing the policy hindered agencies from adopting security solutions for their specific system needs. "There is no universal, one-size-fits-all method of achieving that result," Office of Management and Budget Director Russ Vought said in the memo released Friday. "Each agency should validate provider security utilizing secure development principles and based on a comprehensive risk assessment."
US politics
US politics
fromWIRED
2 months ago

Fears Mount That US Federal Cybersecurity Is Stagnating-or Worse

The government shutdown worsened federal cybersecurity risks by creating monitoring blind spots, disrupting contractor relationships, and slowing contracts and hiring, increasing vulnerability to major breaches.
Information security
fromChannelPro
2 months ago

Keeper Security expands federal bench with latest senior hires

Keeper Security appointed Shannon Vaughn and Benjamin Parrish to federal leadership to strengthen identity security and advance zero-trust modernization across government agencies.
fromWIRED
4 months ago

The Government Shutdown Is a Ticking Cybersecurity Time Bomb

implemented additional monitoring and new security controls to further protect the agency's systems
Information security
Information security
fromNextgov.com
4 months ago

US cyber policy goals have regressed during Trump 2.0 in 'unprecedented setback,' landmark report says

Federal cyber policy has regressed about 13%, with workforce cuts, funding reductions, and rollback of initiatives undermining CISA, State cyber diplomacy, and counter-disinformation efforts.
Privacy professionals
fromNextgov.com
10 months ago

Mounting cyber defense in the face of unexpected staff reductions

Federal cybersecurity is adjusting to workforce and budget cuts, challenging agencies to enhance strategies while maintaining resilience.
[ Load more ]